Closed kylehickinson closed 8 months ago
Let's sec review it
I get .mixedContent
warning here as well https://stoletheminerals.github.io/mixedcontent.html. Do we check for mixed content before auto-upgrading?
Same on Booking. I can see that links were upgraded to HTTPS, but the warning is still there.
@stoletheminerals Seems like there may a race condition somewhere in the logic that updates the UI, when I attach the debugger and run through the results I actually see even very.badssl.com
no longer shows as not secure (along with your test site).
Seems like there is a bug in WebKit here, where hasOnlySecureContent
does not update to true
when http content is promoted to https via content blocker. Open WebKit bug report: https://bugs.webkit.org/show_bug.cgi?id=258711
Summary of Changes
This pull request fixes #8664
Submitter Checklist:
NSLocalizableString()
Test Plan:
Note: Due to a WebKit bug (https://bugs.webkit.org/show_bug.cgi?id=258711) the app will still display the "Not Secure" triangle even if all http content is promoted to https.
very.badssl.com
(or any mixed content site) shows only the triangle icon but that the icon is still tappable.http.badssl.com
/expired.badssl.com
still display the appropriate "Not Secure" titleReviewer Checklist:
QA/(Yes|No)
bug
/enhancement